Ransomware, Critical Infrastructure Security

Feds: Interlock ransomware gang ramps up attacks

Organizations in critical infrastructure sectors and businesses have been warned by the Cybersecurity and Infrastructure Security Agency, the FBI, and other federal agencies regarding the escalating attacks by the Interlock ransomware operation following its high-profile targeting of healthcare organizations, according to The Record, a news site by cybersecurity firm Recorded Future.

Interlock which was first identified in September leveraged drive-by downloads and the ClickFix social engineering tactic for initial compromise and subsequent delivery of browser update-spoofing malware in opportunistic intrusions, noted a joint federal cybersecurity advisory. Attacks by the group, which was also noted to be potentially related to the Rhysida ransomware gang, have also led to the distribution of the Lumma and Berserk information-stealing payloads for credential theft and privilege escalation activities. Such an alert comes just days after the FBI disclosed that Japanese law enforcement officials had released a free Phobos ransomware decryption tool.

An In-Depth Guide to Ransomware

Get essential knowledge and practical strategies to protect your organization from ransomware attacks.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds